
(Making Sense of the Wonder and the Chaos)

DEF CON can be overwhelming, with a tremendous variety of talks, activities, and parties from which to choose. In order to help you make sense of the con, and get the most out of it, I’ve put together this brief guide. It’ll be helpful for those of you attending DEF CON for the first time, but perhaps even experienced attendees will get something from this guide.

Workshops

These are intense, hands-on technical sessions – each running 4-6 hours – held throughout the con. These are free for conference attendees, but they fill up VERY quickly – typically just a few minutes after registration opens.

Speakers

In many ways, these are the heart of DEF CON – an enormous number of presentations on topics that span technology, security, research, society, politics, and economics. These include large keynote presentations as well as smaller sessions.

Read through the list, make note of which ones you want to attend – and arrive early. There will be (long) lines to get in, and some sessions will be full!

One of the most amazing aspects of DEF CON is the huge spectrum of educational and hands-on activities. These are organized by topic area, or as DEF CON calls them, “villages”. Each village is located in a certain area of the convention center, easily found on the maps. This year’s DEF CON features more than 20 villages, including:

These villages have different setups. Some of them, especially the more technical ones, tend to be very hands-on (bring your computer). Some are a series of lectures & discussions – for example Biohacking and Ethics – with a detailed schedule listed on the DEF CON village site.

I recommend visiting as many of these as you can, at least to get a sense for what’s going on in each. There’s a remarkable variety of topics, and some incredibly intelligent and passionate people working at each. Go, talk to them, and learn something!

Contests and Events

DEF CON provides a huge array of Contests (and a few non-competitive Events) to choose from.

Events include an early morning bike ride, hacker karaoke, laser shooting, and a Mohawk hairstyling station (fundraising for the EFF).

But hackers are naturally competitive, and as such DEF CON offers an incredible variety of contests. Many of these are highly technical, while others stress different skills – such as Hacker Jeopardy, Hacker Spelling Bee, Scavenger Hunt, Drunk Hacker History, and the legendary Beard and Mustache Competition.

Most of the technical contests provide serious (but fun) challenges which require considerable skill, but also typically demand a considerable time commitment during DEF CON. I won’t attempt to enumerate the technical contests here – take a look for yourself at the link above.

Capture the Flag

Capture the Flag (CTF) is a highly overloaded term at DEF CON. Used generically, it refers to any of a number of the contests listed above, which are structured around obtaining (capturing) information. For example, The Social Engineer CTF (one of my personal favorites to observe) tasks contestants with obtaining information about a target organization.

But “the” CTF contest at DEF CON – referred to as simply “CTF” – is arguably the most prestigious hacking contest on the planet, one which requires teams to earn a spot through a series of qualifying rounds throughout the year.

Demo Labs

These are technical demo stations dedicated to researchers and hackers who have something new and interesting to demonstrate. These are highly technical, but even if they’re beyond your depth, I encourage you to stop by to talk to the motivated and intelligent people behind these tools.

Vendor Room

The vendor room – notoriously crowded – features selected purveyors of books, tools, and hacking paraphernalia. It’s definitely worth a visit to see what’s new and interesting, and to chat with the EFF folks.

Parties

Badges

No DEF CON overview would be complete without discussing the badges.

First – the official DEF CON badges are the ones that get you entry to the conference, and for which you pay $280 cash. You’ll be required to wear these throughout the conference. These are not your normal conference badges — these have no identifying information or barcodes on them, and you’re not “scanned” by vendors.

There are several different varieties of official badges – including Human, Press, Speaker, Vendor, Goon, and the rare Black Badge. Goons are the volunteers who help run DEF CON (treat them nicely, and talk to them – most of them are experienced infosec practitioners). Most of us will be attending DEF CON as Humans (sorry!). Most years the badges are electronic (and hackable), and there’s a rich history of tinkering with them.

In addition to the official badges, there is also a fun subculture called badgelife, comprised of people who make electronic badges for fun, or to support specific organizations (e.g. QueerCon). Some of these are available via Kickstarter, for direct purchase, or only onsite. Here is the semi-official list in GoogleDocs.

Food

I might have mentioned once or twice that DEF CON is crowded! The food service in the conference center can be unreliable in quality and availability (I’m being diplomatic here), and the hotel restaurants can have very long waits (Caesar’s Smashburger 50-person line, I’m talking to you!).

Bring some snacks (and water) with you, and you’ll have a lot more flexibility in terms of eating schedules. And share to make new friends!

DEF CON: The (Scheduling) App:

Thanks to the @_advice_dog we all have free access to the HackerTracker app (iOS and Android) — the official DEF CON Scheduling app.

Some Final Thoughts

Be patient (it’s crowded), be inquisitive (there’s a ton to learn), and be respectful of the presenters and attendees (please).

Plan your con – write down your top activities (especially those that are time-constrained, such as the speakers) but don’t overplan it. Some of your best and most memorable DEF CON experiences will be serendipitous.

Security – Turn off Bluetooth and Wi-Fi on your devices, lest you end up on the Wall of Sheep. The conference does offer Wi-Fi (see here) which might very well be secure. Personally, I will not be using it. Bring a phone power pack and avoid plugging your phone into any public charging cables.

Be respectful of people! Read the official Code of Conduct here. Relevant quote: insulting or harassing other participants is unacceptable. It’s also bad karma, people.

Most of all – have fun! DEF CON is an incredible experience – one that we’re lucky to be able to participate in – so make the most of it.